package com.itqianfeng.smartmeeting.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.transaction.annotation.EnableTransactionManagement;

@EnableTransactionManagement
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class webSecurityConfig extends WebSecurityConfigurerAdapter {

    public void configure(HttpSecurity http) throws Exception {
    //url过滤器，如果有需要不经过身份验证就可以访问的，在这里面进行配置
    // antMatchers配置过滤url的方式
        http.authorizeRequests()
            .antMatchers( "/").permitAll()
                        //匿名登录
            .anyRequest().authenticated()
                .and()
                .formLogin().loginPage("/login").permitAll()
                .successForwardUrl("/success")
                .failureForwardUrl("/failure")
                .successHandler(new MyAuthenticationSuccessHandler())
                .failureHandler(new MyAuthenticationFailureHandler())
                .and()
                .logout().permitAll().logoutSuccessHandler(new MyLogoutSuccessHandler())//自定义登出成功
                .and()
                .exceptionHandling().authenticationEntryPoint(new MyAuthenticationEntryPoint())
                .and()
                .csrf().disable();
    }
//        @Bean
//    public UserDetailsService userDetailsservice( ){
//        //内存用户信息管理
//       InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
//        manager.createUser(User.withDefaultPasswordEncoder()
//        .username("user")
//        .password("password")
//        .roles("USER")
//        .build());
//        return manager;
//    }
//@Bean
//public UserDetailsService userDetailsservice( ){
//    DbUser manager=new DbUser();
//    return manager;
//}
}
